encrypted

AppWizard
May 6, 2025
TeleMessage, an encrypted messaging application, has temporarily suspended its services following a security breach. The platform was used by dismissed national security adviser Mike Waltz during a Cabinet meeting, and a leaked image of his inbox showed conversations with notable figures such as Vice President JD Vance and Secretary of State Marco Rubio. The breach, reported by 404 Media, did not access messages among Cabinet members but compromised data from Customs and Border Protection, cryptocurrency firm Coinbase, and various financial institutions. The hacker claimed the breach was easy, completing it within 15-20 minutes. Signal, the platform from which TeleMessage archives messages, stated it cannot guarantee the security of unofficial versions. TeleMessage was acquired by U.S. company Smarsh last year for archiving communications. Following controversies, including Waltz's accidental inclusion in a group chat discussing a military operation, he was removed from his position, and President Trump expressed skepticism about using Signal for government communications.
AppWizard
May 6, 2025
Google is set to introduce a security feature called "Intrusion Detection" in its upcoming Android 16, aimed at enhancing user security against threats. This feature, found in a beta version of the Google Play Services app, will log encrypted entries of essential device information to help users identify suspicious activity. "Intrusion Detection" is expected to be part of the Advanced Protection Program, which includes measures against malicious downloads and supports passkey sign-ins, moving away from traditional passwords. The feature's development has progressed, but it is unclear if it will launch with Android 16 or later. Android 16 Beta 4 was released to testers in mid-April, leading up to the anticipated full launch in May 2025.
AppWizard
May 6, 2025
TeleMessage has temporarily suspended all services due to a reported security breach, with the parent company Smarsh investigating the incident. Customs and Border Protection (CBP) has discontinued using the app as a precaution. A hacker claimed to have accessed a centralized TeleMessage server and downloaded data, including a screenshot of the contact list for employees at Coinbase. Coinbase confirmed the authenticity of the screenshot but stated that customer data remained secure. Multiple U.S. government agencies have contracts with TeleMessage or related entities. Another hacker also claimed to have breached TeleMessage, providing evidence of their claims. The investigation into the breach is ongoing, and it is unclear if sensitive communications from U.S. officials were compromised.
AppWizard
May 5, 2025
National Security Advisor Michael Waltz was preparing for a television interview at the White House using the messaging app TeleMessage, which is currently facing a temporary suspension due to a security breach. The parent company, Smarsh, is investigating the incident and has halted all TeleMessage services while engaging an external cybersecurity firm. The breach reportedly involves the theft of data from messages sent via TeleMessage's versions of popular messaging platforms, but there is no indication that Waltz's messages were accessed. The White House has not responded to inquiries about the service suspension. Waltz was previously photographed using TeleMessage while communicating with various officials. Former President Donald Trump intends to nominate Waltz as the U.S. ambassador to the United Nations, with Secretary of State Marco Rubio serving as the interim national security advisor. Concerns have been raised about whether private messages are automatically deleted, potentially violating federal records-retention laws, and TeleMessage may compromise Signal's end-to-end encryption.
Tech Optimizer
May 5, 2025
X Business, an e-commerce store specializing in handmade home décor, experienced a cybersecurity incident involving a malware strain called Chimera. The attack began during a routine update to their inventory management system and escalated within 12 hours, resulting in halted customer orders, locked employee accounts, and a crashed website. The attackers demanded a ransom of 0,000 in cryptocurrency, threatening to expose sensitive customer data. Chimera is an AI-driven malware that adapts its code to evade detection, targeting both Windows and macOS systems. It exploited a zero-day vulnerability in Windows' Print Spooler service and bypassed macOS security measures by forging code signatures. The malware used social engineering tactics to deceive employees into activating malicious payloads, leading to compromised systems and encrypted customer data. The recovery process took 48 hours, utilizing cybersecurity tools like CrowdStrike Falcon and SentinelOne Singularity to identify and isolate the malware. Data restoration was achieved through Acronis Cyber Protect and macOS Time Machine, while vulnerabilities were addressed with Qualys and emergency patch deployment via WSUS. The network security framework was improved using Cisco Umbrella and Zscaler Private Access to implement a Zero Trust architecture. The incident highlights the need for small enterprises to adopt proactive cybersecurity strategies, including a 3-2-1 backup approach, Zero Trust models, investment in AI-driven defense tools, and employee training to recognize social engineering attempts.
Winsage
May 4, 2025
Microsoft has warned about the increasing use of PDF attachments in cyberattacks, particularly during the U.S. tax season. Attackers have been using PDFs with embedded links that redirect users to counterfeit pages, such as a fake DocuSign site. Trustwave SpiderLabs has identified a new campaign involving a fake payment SWIFT copy that leads to a malicious PDF containing obfuscated JavaScript, which downloads a script that conceals the RemcosRAT payload using steganography. This technique involves hiding links within images, making them difficult to detect. The latest attacks begin with phishing emails containing malicious PDFs that direct victims to harmful webpages, facilitating the delivery of RemcosRAT, a trojan that allows remote control of compromised systems. Users are advised to be cautious of emails labeled “SWIFT Copy” and to delete suspicious emails immediately.
AppWizard
May 2, 2025
Signal, the encrypted messaging app, has seen a surge in popularity due to increased media attention on the White House's Houthi attack plan scandal. The app's usage has risen as public perception shifts, with many viewing Signal as a champion of privacy amidst concerns about data breaches and surveillance. The app has reported a notable increase in daily active users, and market analysts anticipate potential expansions and innovations as competitors take note of Signal's success. The scandal has led to discussions about privacy and security, particularly affecting key figures within the U.S. government.
Winsage
May 2, 2025
Windows Recall, an AI-driven feature by Microsoft, was initially launched in July but withdrawn due to security and privacy concerns. It has since returned with modifications aimed at improving user experience, although concerns about its functionality persist. Recall captures and analyzes screenshots of user activities to aid in retrieving past documents or messages. Users must have a Copilot+ PC to access Recall, which is not activated by default. Security enhancements include encrypted data storage and mandatory Windows Hello authentication for access. However, issues remain, such as potential access via a computer PIN, inconsistent filtering of sensitive data, and the risk of data being captured from shared devices. Users can exempt specific sites and apps from being captured, but the process is cumbersome.